Transition highlights the bank’s investment in advanced cybersecurity and alignment with Central Bank regulations
Nairobi, Kenya – September 11, 2025 – Co-operative Bank of Kenya has successfully transitioned to the updated ISO/IEC 27001:2022 standard, achieving the updated global benchmark for information security management systems. The bank was awarded the certification by BSI, the business improvement and standards company, at a handover ceremony held at Co-operative Bank House on Friday, 5th September 2025.
The certification followed an extensive external audit that evaluated critical security areas including:
- Physical security measures
- Access control systems
- Risk management protocols
- Change management processes
- Business continuity planning
- Security best practices in software development
“Achieving this certification demonstrates our commitment to protecting customer information through world-class information security standards. This milestone has enhanced our risk management, standardised information security policies organisation-wide, and strengthened our incident response capabilities. The comprehensive controls we’ve implemented ensure regulatory compliance while reinforcing the trust our customers, partners, and regulators place in Co-operative Bank,” said Charles Washika, Director ICT & Innovations at Co-operative Bank of Kenya.
“The global digital landscape is changing, with core business practices now increasingly cloud-based and digitally reliant. BSI is proud to be a trusted partner as organisations respond to this. Certification to the information security management systems standard (ISO/IEC 27001) shows that Co-op Bank has taken the necessary steps to protect itself against cyber threats and ensure its information security is in line with global best practice. This focus on achieving digital trust is crucial in a world of technological transformation. Congratulations to the team on this achievement,” said Ilias Karampoikis, IMETA Sales and Commercial Director
Co-operative Bank made history in 2014 as the first bank in East Africa to achieve ISO/IEC 27001:2013 certification. The updated standard provides a holistic approach to address modern threats, vulnerabilities, and impacts while ensuring the confidentiality, integrity, and availability of sensitive data.
The certification directly benefits Co-operative Bank’s customers by ensuring their personal and financial data is processed and stored using internationally recognised security protocols. The bank’s robust Information Security Management System minimizes the risk of data privacy breaches while supporting secure digital banking services.
“Over the past decade since our initial ISO certification, we have continuously invested in strengthening our information security capabilities. In response to evolving cyber threats, we’ve scaled up our investments by acquiring cutting-edge security tools, hiring qualified cybersecurity experts, and implementing new systems to address all 93 ISO/IEC 27001 controls. This sustained commitment ensures our customers benefit from the most advanced security infrastructure in the region,” added Mr. Washika
As the pioneer in achieving ISO/IEC 27001 certification in East Africa, Co-operative Bank continues to set the benchmark for information security in the region’s banking sector. This certification strengthens the bank’s position to serve international clients and supports its expansion strategy across East Africa.
The achievement aligns with Kenya’s broader financial sector digitisation goals and complements the bank’s compliance with Central Bank of Kenya regulations.
Co-operative Bank remains dedicated to maintaining and continuously enhancing its information security standards. The bank’s investment in achieving this updated certification reflects its long-term commitment to protecting customer information and supporting Kenya’s digital economy growth.
Ends
About Co-operative Bank of Kenya
The Co-operative Bank Group (‘Co-op Bank’) is incorporated in Kenya under the Company’s Act and is licensed to carry out the business of banking under the Banking Act. The Bank was listed in 2008 wherein it is now the largest Co-operative Bank in Africa.
The Group is one of the largest financial institutions in the region and has 5 subsidiaries namely, Kingdom Securities Ltd, Co-optrust Investment Services Limited, Co-op Bancassurance Intermediary Ltd, Kingdom Bank Limited and Co-operative Bank of South Sudan; The Bank also owns a 24.8 per cent stake in CIC Insurance Group and 25% of Co-op Bank Fleet Africa Leasing Limited. The Bank’s footprint across Kenya and the region includes: 212 branches in Kenya, 5 in South Sudan, 619 ATMs & Cash Deposit Machines (CDMs), and over 15,000 Co-op Kwa Jirani agency banking outlets supporting our growing client base.
About ISO 27001:2022
ISO 27001:2022 is the latest version of the internationally recognised standard for Information Security Management Systems (ISMS), published by the International Organisation for Standardisation. This comprehensive framework provides organisations with a systematic approach to managing sensitive information through people, processes, and technology controls.
The 2022 update introduces 11 new security controls addressing modern cybersecurity challenges including cloud security, threat intelligence, data masking, secure coding practices, and enhanced monitoring capabilities. Organisations must demonstrate compliance with all 93 controls covering areas such as access management, cryptography, physical security, incident management, and business continuity.
The standard requires organisations to establish, implement, maintain, and continually improve their information security management systems through a risk-based approach. Regular external audits by accredited certification bodies ensure ongoing compliance and effectiveness of security measures.
ISO 27001:2022 certification demonstrates an organisation’s commitment to protecting confidential information, managing security risks systematically, and maintaining stakeholder trust. It is particularly valuable for financial institutions handling sensitive customer data and operating in increasingly complex digital environments.
For media enquiries:
Ngumo Kahiga
Head of Marketing and Communication
nkahiga@co-opbank.co.ke
Discover the stories shaping our future with Impact News on Impact Newswire — your trusted source for the latest in business, technology, and global innovation that inspires change.”
Discover more from Impact Newswire
Subscribe to get the latest posts sent to your email.
